thanks for ur idea. The problem here is, i can't replace the sensitve data with some dummy data, because they are needed each time the report is displayed, so i need original Data. It doesn't help me to replace them. Any other idea?

Well if you need the original data, and make a report, that does not contain sensitive data. You can just make a copy of the original report and do an encryption on the sensitive data. Just keep the original report to use it internally, and sen the encryped one to anyone who needs the results.

Would this be a solution for you?

I am getting confused, since you are telling, that the one who sees the report should not see the data used. On the other hand you say, that the data is needed each time the report is used. So my question is, who is using the reports?

1. You don't want to use dummy data.
2. You don't want to scrub the data after the test.
3. You don't want to encrypt the data and then decrypt it during the test run.
4. You don't want to limit who sees the report.

You must do one of the 4.

So, to lay it out again, you have 4 choices:

1. Use dummy data in the test. This could include a user account that is only turned on during the test and then turned off afterwards (you could do this in a script in conjunction with the test run).

2. Scrub the data after the test. This could be done with a script that is run after the test is complete. You can just change all of the sensitive data to "XXXXXXX" or "*********" in the data file. You could even do first letter/last letter like "A********Z" or "1********9".

3. Encrypt the data and decrypt it in the module where it is used. The Encrypted data would be what is stored and printed in the report, but you would decrypt it right before you used it in the test. You would need to make sure that the Report.Log() methods do not contain references to the decrypted data.

4. If you won't do 1, 2 or 3, then your only remaining option is to not show the report to people who aren't allowed to see the sensitive data that is in the report.

These are the only ways to do what you are saying you want, which is to have the report be accurate but readable by people who aren't allowed to see the sensitive data.